Vulnerability Details CVE-2014-8878
KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.2%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- http://www.openwall.com/lists/oss-security/2015/07/16/10
- http://www.securityfocus.com/bid/75986
- https://bugs.kde.org/show_bug.cgi?id=340312
- https://bugzilla.redhat.com/show_bug.cgi?id=1243777
- http://www.openwall.com/lists/oss-security/2015/07/16/10
- http://www.securityfocus.com/bid/75986
- https://bugs.kde.org/show_bug.cgi?id=340312
- https://bugzilla.redhat.com/show_bug.cgi?id=1243777